zydronium/rdpgw
1
0
Fork 0
mirror of https://github.com/bolkedebruin/rdpgw.git synced 2025-08-25 01:23:28 +02:00
Code Issues Projects Releases Packages Wiki Activity

Return proper error if caps don't match

Browse source
This commit is contained in:
Bolke de Bruin 2022-08-10 22:20:49 +02:00
parent 954ad4dc4c
commit 1ac36df867
1 changed files with 26 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

38
cmd/rdpgw/protocol/server.go
View file

@ -74,12 +74,19 @@ func (s *Server) Process(ctx context.Context) error {
log.Printf("Client handshakeRequest from %s", common.GetClientIp(ctx)) log.Printf("Client handshakeRequest from %s", common.GetClientIp(ctx))
if s.State != SERVER_STATE_INITIALIZED { if s.State != SERVER_STATE_INITIALIZED {
log.Printf("Handshake attempted while in wrong state %d != %d", s.State, SERVER_STATE_INITIALIZED) log.Printf("Handshake attempted while in wrong state %d != %d", s.State, SERVER_STATE_INITIALIZED)
msg := s.handshakeResponse(0x0, 0x0, E_PROXY_INTERNALERROR) msg := s.handshakeResponse(0x0, 0x0, 0, E_PROXY_INTERNALERROR)
s.Session.TransportOut.WritePacket(msg) s.Session.TransportOut.WritePacket(msg)
return fmt.Errorf("%x: wrong state", E_PROXY_INTERNALERROR) return fmt.Errorf("%x: wrong state", E_PROXY_INTERNALERROR)
} }
major, minor, _, _ := s.handshakeRequest(pkt) // todo check if auth matches what the handler can do major, minor, _, auth := s.handshakeRequest(pkt) // todo check if auth matches what the handler can do
msg := s.handshakeResponse(major, minor, ERROR_SUCCESS) caps, err := s.matchAuth(auth)
if err != nil {
log.Println(err)
msg := s.handshakeResponse(0x0, 0x0, 0, E_PROXY_CAPABILITYMISMATCH)
s.Session.TransportOut.WritePacket(msg)
return err
}
msg := s.handshakeResponse(major, minor, caps, ERROR_SUCCESS)
s.Session.TransportOut.WritePacket(msg) s.Session.TransportOut.WritePacket(msg)
s.State = SERVER_STATE_HANDSHAKE s.State = SERVER_STATE_HANDSHAKE
case PKT_TYPE_TUNNEL_CREATE: case PKT_TYPE_TUNNEL_CREATE:
@ -196,15 +203,7 @@ func (s *Server) Process(ctx context.Context) error {
// Creates a packet the is a response to a handshakeRequest request // Creates a packet the is a response to a handshakeRequest request
// HTTP_EXTENDED_AUTH_SSPI_NTLM is not supported in Linux // HTTP_EXTENDED_AUTH_SSPI_NTLM is not supported in Linux
// but could be in Windows. However the NTLM protocol is insecure // but could be in Windows. However the NTLM protocol is insecure
func (s *Server) handshakeResponse(major byte, minor byte, errorCode int) []byte { func (s *Server) handshakeResponse(major byte, minor byte, caps uint16, errorCode int) []byte {
var caps uint16
if s.SmartCardAuth {
caps = caps | HTTP_EXTENDED_AUTH_SC
}
if s.TokenAuth {
caps = caps | HTTP_EXTENDED_AUTH_PAA
}
buf := new(bytes.Buffer) buf := new(bytes.Buffer)
binary.Write(buf, binary.LittleEndian, uint32(errorCode)) // error_code binary.Write(buf, binary.LittleEndian, uint32(errorCode)) // error_code
buf.Write([]byte{major, minor}) buf.Write([]byte{major, minor})
@ -225,6 +224,21 @@ func (s *Server) handshakeRequest(data []byte) (major byte, minor byte, version
return return
} }
func (s *Server) matchAuth(extAuth uint16) (caps uint16, err error) {
if s.SmartCardAuth && extAuth & HTTP_EXTENDED_AUTH_SC == 1 {
caps = caps | HTTP_EXTENDED_AUTH_SC
}
if s.TokenAuth && extAuth & HTTP_EXTENDED_AUTH_PAA == 1 {
caps = caps | HTTP_EXTENDED_AUTH_PAA
}
if caps & extAuth == 0 {
return 0, fmt.Errorf("%x has no matching capability configured (%x). Did you configure caps? ", extAuth, caps)
}
return caps, nil
}
func (s *Server) tunnelRequest(data []byte) (caps uint32, cookie string) { func (s *Server) tunnelRequest(data []byte) (caps uint32, cookie string) {
var fields uint16 var fields uint16